<?php
/*
	[Bidcms.com!] (C)2009-2011 Bidcms.com.
	This is NOT a freeware, use is subject to license terms
	$author limengqi
	$Id: ajax.class.php 2010-08-24 10:42 $
*/
if(!defined('IN_BIDCMS')) {
	exit('Access Denied');
}
class user_controller
{
	function user_controller()
	{
		include ROOT_PATH.'./models/common.php';
	}
	function index_action()
	{
		$this->boards_action();
	}
	function pins_action()
	{
		global $session;
        $uid = $_REQUEST['uid'];
        if(!is_numeric($uid)){
            $uid = getuserId($uid);
        }
        if($uid < 1){
            $uid=$session->get('uid');
        }
		$userpins=array();
		if($uid>0)
		{
			$userpins=getuser($uid,1,1,1,1,1);
			$userpins['feeds']=getfeeds($uid);
			$userpins['pins']=getallpins(0,'and user_id='.$uid);
			$pins=bidcms_encode($userpins);
			include template('user_pins');
		}
		else
		{
			sheader('index.php');
		}
		
	}
	function boards_action()
	{
		global $session;
        $uid = $_REQUEST['uid'];
        if(!is_numeric($uid)){
            $uid = getuserId($uid);
        }
        if($uid < 1){
            $uid=$session->get('uid');
        }
		if($uid>0)
		{
			//$userboards=$GLOBALS['app']['req']['user'];
			$userboards=getuser($uid,1,1,1,1,1);
			$userboards['feeds']=getfeeds($uid);
			$userboards['boards']=getboards(0,'and user_id='.$uid);
			include template('user_boards');
		}
		else
		{
			sheader('index.php');
		}
		
	}
	
	function login_action()
	{
		global $db,$session;
		if(submitcheck('commit'))
		{
			$data['passwd']=md52($_POST['password']);
			$data['email']=trim(strip_tags($_POST['email']));
			$userinfo=$db->fetch_first("select user_id,username from ".tname('user')." where email='".$data['email']."' and passwd='".$data['passwd']."'");
			if($userinfo['user_id']>0)
			{
				$session->set('uid',$userinfo['user_id']);
				echo '{"redirect":"index.php"}';
				exit;
			}
			else
			{
				echo '{"err":403,"msg":"邮箱或密码错误"}';
				exit;
			}
		}
		else
		{
			include template('user_login');
		}
	}
	function logout_action()
	{
		global $session;
		$session->clear();
		$backurl=isset($_GET['url'])?$_GET['url']:'index.php';
		sheader($backurl,3,"安全退出");
	}
	function register_action()
	{
		global $db,$session;
		if(submitcheck('commit'))
		{
			$data['username']=trim(strip_tags($_POST['username']));
			$data['passwd']=md52($_POST['password']);
			$data['email']=trim(strip_tags($_POST['email']));
			//判断邮箱是否注册过
			$check=$db->fetch_first("select user_id from ".tname('user')." where email='".$data['email']."'");
			if($check['user_id']>0)
			{
				echo '{"err":102,"msg":"邮箱已经被占用"}';
				exit;
			}
			$check=$db->fetch_first("select user_id from ".tname('user')." where username='".$data['username']."'");
			if($check['user_id']>0)
			{
				echo '{"err":102,"fieldErrors":{"username":["用户名已经被占用"]}}';
				exit;
			}
			$avatar=$session->get('insertuser');
			$avatar_id=$bind_id=0;
			if($avatar['file_id']>0)
			{
				$avatar_id=$avatar['file_id'];
			}
			if($avatar['bind_id']>0)
			{
				$bind_id=$avatar['bind_id'];
			}
			$db->query("insert into ".tname('user')."(username,urlname,passwd,email,avatar_id,created_at) values('".$data['username']."','".$data['username']."','".$data['passwd']."','".$data['email']."','".$avatar_id."','".time()."')");
			$uid=$db->insert_id();
			if($uid>0)
			{
				if($avatar_id>0)
				{
					$db->query("update ".tname('file')." set isused=1 where file_id=".$avatar_id);
				}
				if($bind_id>0)
				{
					$db->query("update ".tname('user_bind')." set user_id=".$uid." where bind_id=".$bind_id);
				}
				$session->del('insertuser');
				$session->set('uid',$uid);
				$params=$session->get('temppin');
				$backurl=!empty($params)?"index.php?con=pins&act=bookmarket&".http_build_query($params):"index.php?con=user";
				echo '{"err":0,"redirect":"'.$backurl.'"}';
				exit;
			}
			else
			{
				echo '{"err":101,"msg":"注册失败"}';
				exit;
			}
		}
		else
		{
			include template('user_register');
		}
	}
	
	function siteregister_action()
	{
		include template('user_siteregister');
	}
	function profile_action()
	{
		global $db,$app,$session;
		$user=$app['req']['user'];
		$uid=$session->get('uid');
		$error=array();
		if($uid>0)
		{
			if(submitcheck('commit'))
			{

				$username=trim(strip_tags($_POST['user']['username']));
				$email=trim(strip_tags($_POST['user']['email']));
				$urlname=trim(strip_tags($_POST['user']['urlname']));
				$location=trim(strip_tags($_POST['profile']['location']));
				$avatar_id=$session->get('fileid');
				$sql="update ".tname("user")." set username='".$username."',email='".$email."',urlname='".$urlname."',location='".$location."'";
				if($avatar_id>0)
				{
					$sql.=",avatar_id=".$avatar_id;
					$db->query("update ".tname("file")." set isused=1 where file_id=".$avatar_id);
					if($user['avatar_id']>0)
					{
						$db->query("update ".tname("file")." set isused=0 where file_id=".$user['avatar_id']);
					}
				}
				$sql.=" where user_id='".$uid."'";
				$db->query($sql);
				$profile_about=trim(strip_tags($_POST['profile']['about']));
				$profile_location=trim(strip_tags($_POST['profile']['location']));
				$profile_url=trim(strip_tags($_POST['profile']['url']));
				$pro=$db->fetch_first("select user_id from ".tname('user_profile')." where user_id='".$uid."'");
				if(!isset($pro['user_id']))
				{
					$db->query("insert into ".tname("user_profile")."(about,location,url,user_id) values('".$profile_about."','".$profile_location."','".$profile_url."','".$uid."')");
				}
				else
				{
					$db->query("update ".tname("user_profile")." set about='".$profile_about."',location='".$profile_location."',url='".$profile_url."' where user_id='".$uid."'");
				}
				$error=array('info'=>array('成功保存了帐号设置'));
				//$error=array('error'=>array("错误1","错误3"));
				include template('user_profile');
			}
			else
			{
				include template('user_profile');
			}
		}
		else
		{
			sheader("index.php");
		}
	}
	function password_action()
	{
		global $db,$app,$session;
		
		$uid=$session->get('uid');
		$error=array();
		$user=$app['req']['user'];
		if($uid>0)
		{
			if(submitcheck('commit'))
			{
				//判断两次密码一致
				$newpass=$_POST['password']['new'];
				$oldpass=$_POST['password']['old'];
				$confirmpass=$_POST['password']['confirm'];
				if(!empty($newpass))
				{
					if($newpass!=$confirmpass)
					{
						$error=array('error'=>array('两次密码不一致'));
					}
					if(!empty($oldpass))
					{
						//查旧密码
						$userinfo=$db->fetch_first("select user_id from ".tname('user')." where user_id=".$uid." and passwd='".md52($oldpass)."'");
						if($userinfo['user_id']>0)
						{
							$db->query("update ".tname('user')." set passwd='".md52($newpass)."' where user_id=".$uid." and passwd='".md52($oldpass)."'");
							sheader("index.php?con=user&act=profile");
						}
						else
						{
							$error=array('error'=>array('旧密码错误'));
						}
					}
					else
					{
						$error=array('error'=>array('旧密码不能为空'));
					}
				}
				else
				{
					$error=array('error'=>array('新密码不能为空'));
					
				}
				if(!empty($error))
				{
					include template('user_password');
				}
			}
			else
			{
				include template('user_password');
			}
		}
		else
		{
			sheader("index.php");
		}
	}
    //喜欢
	function likes_action()
	{
		global $session;

        $uid = $_REQUEST['uid'];
        if(!is_numeric($uid)){
            $uid = getuserId($uid);
        }
        if($uid < 1){
            $uid=$session->get('uid');
        }
        $page=intval($_REQUEST['p']);
		$userlikes=array();
		if($uid>0)
		{
            $userlikes=getuser($uid,1,1,1,1,1);
            $userlikes['feeds']=getfeeds($uid);
            $userlikes['likes']=getlikes($uid, $page);
			$pins=bidcms_encode($userlikes);
			include template('user_likes');
		}
		else
		{
			sheader('index.php');
		}
	}
	function subscription_action()
	{
		include template('user_subscription');
	}
	function followers_action()
	{
        $users = array();
        $urlname = $_REQUEST['uid'];
        $uid = getuserId($urlname);
        if($uid > 0)
        {
            $user=getuser($uid,1,1,1,1,1);
            $users = getfanusers($uid,1);
        }
        include template('user_followers');
	}
	function following_action()
	{
        $users = array();
        $urlname = $_REQUEST['uid'];
        $uid = getuserId($urlname);
        if($uid > 0)
        {
            $user=getuser($uid,1,1,1,1,1);
            $users = getfollowusers($uid,1);
        }
        include template('user_following');
	}
	function invites_action()
	{
		echo '功能开发中，欢迎定制。。。<a href="index.php">返回首页</a>';
	}
	function friends_action()
	{
		echo '功能开发中，欢迎定制。。。<a href="index.php">返回首页</a>';
	}
}
